A major security failing at Coupang, a prominent e-commerce firm in South Korea, has led to worries within the country's armed forces regarding the potential disclosure of sensitive military facility placements, Korea Times reports. This incident involved the compromise of personal details linked to approximately 33.7mn customer accounts.

This is particularly noteworthy given that South Korea, remaining technically at war with its neighbour, views the secure location of its military assets as a top national priority. Even seemingly innocuous logistical data points could potentially be exploited by hostile intelligence agencies to map out defensive infrastructure.

The concerns arose because certain military personnel had been inputting specific administrative information, such as names of units, ranks, and internal building numbers, into the shopping platform's delivery application. A junior serviceman noted that this practice was widespread because relying on general addresses often resulted in packages being incorrectly routed, thereby revealing internal base details like size or arrangement.

However, defence officials sought to mitigate alarm, suggesting that the breach posed minimal direct danger to security operations. They explained that delivery staff are barred from entering controlled operational zones, and restricted locations are not visible on public mapping services. Furthermore, many items intended for conscripts are collected externally when they are on leave, lessening the quantity of parcels delivered onto secure premises.

A high-ranking official, speaking anonymously, stated that online fear of wide data exploitation was 'exaggerated.' Most deliveries utilise post office boxes or are centralised at guard posts or administration offices for internal distribution, obscuring exact internal base layouts. Another point raised was that unit numbering is standardised and doesn't reveal a mission or force composition.

Though the Ministry of National Defence has given assurances that the leaked addresses are not operationally sensitive, critics warn that seemingly ordinary personal information could be leveraged by adversaries to create detailed profiles of off-base senior officers for targeted espionage. Meanwhile, Sangmyung University academic Yoo Jin-ho cautioned against panic over secondary breaches, suggesting that cross-platform account misuse would necessitate matching details like identification, saved payment cards, and passwords across various services. He advised users to activate automatic notifications for changes to their personal data. Consumer organisations are initiating legal proceedings against the company, alleging a serious security lapse in the management of private delivery records. Coupang has confirmed that both delivery locations and access codes were compromised and is collaborating with the relevant authorities.

© 2025 bne IntelliNews, source Magazine